Home  Prev  InCenter 2.2.5 On-Premises Administration Guide  Next

Chapter 10: Centralized Management Control

10.1. Overview

When any Clavister Next Generation Firewall is imported as a node into InCenter, a software flag is set on that node to indicate that it is now under Centralized Management Control.

This means that it is no longer possible to change that node's configuration using a direct management connection and all configuration changes must be made via the InCenter interface.

[Note] Note: Management by InControl is incompatible

If a node is already under centralized management by the Clavister InControl product, this must be first disabled before bringing it under InCenter centralized control. However, using only InCenter monitoring functions is possible with such a node without disabling management by InControl.

Consequences of Centralized Control

While under the centralized control of InCenter, the following will be true for an administrator that connects directly to the firewall.

  • When the administrator connects via an SSH console or when the firewall restarts, the local firewall console will display a message to indicate that it is under centralized management control.

  • The administrator will only have read-only access to the configuration and is restricted to commands like show for viewing configuration data as well as other data such as log messages.

  • The following local operations are exceptions and can be performed while under centralized management control:

    1. Upgrading the InCenter version.

    2. Uploading a new InCenter license file.

    These operations can only be carried out directly on the firewall and none of them will change the centralized control status.

Home  Prev   Next